Email Accounts Retention Policies

I work as the Records Coordinator for the District of North Saanich, a municipality at the northern end of the Saanich Peninsula, on Vancouver Island, British Columbia. I’m currently updating our Records Retention Policy and had a question concerning both staff and elected official’s emails.

Our elected officials now have District-provided email accounts. We’ve been discussing these email accounts in the context of our retention policy, and what we should be doing with the emails and the accounts after the elected official is no longer in office. Majority of the time, emails which are to be placed on Council agendas are forwarded to the Deputy Clerk or the Chief Administrative Officer. The rest of the emails the elected official writes or receives remains in their accounts.

Some questions:

In your organization, are elected officials’ email considered a public record or are they considered private?

Are the emails managed according to your organization’s classification scheme/retention schedule?

How do you handle elected official emails in your organization if you provide them with accounts?

Do you keep the accounts while they are in office and then delete them after they are gone?

Do you have a policy statement for the disposal of email accounts?

As for staff emails, obviously they should follow the classification scheme/retention schedule, and as we don’t have an EDRMS, they should be filed somewhere outside of Outlook. When an employee leaves, the Outlook PST files still exist, and that can cause problems for FOI requests. We have been thinking about having a statement in the retention policy about how we are going to deal with these PST accounts; this will give the IT department a standard to follow. Some suggestions have been to keep only 1 years’ worth of emails in staff accounts at any given time, keep everything in the account until they leave the organization, once they leave keep them for a certain period of time and then delete, the options go on.

Do you have a policy to deal with these email accounts?

Is there a best practice out there to developing this kind of policy?

I have done a lot of internet searching, and there are some points hidden away in email management policies, but most of the examples I’ve come across are American, and most are based on legislation which BC doesn’t have.